CVE-2025-43264
Published: 02 April 2026
Summary
CVE-2025-43264 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Apple macOS. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE is ranked at the 7.9th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-16 directly mitigates memory corruption vulnerabilities like CVE-2025-43264 by enforcing memory protection mechanisms such as non-executable memory and bounds checking during image processing.
SI-10 prevents exploitation by validating image inputs and rejecting malformed ones that could trigger memory corruption in the image processing component.
SI-2 ensures timely application of vendor patches, such as macOS Sequoia 15.6, to remediate the specific memory handling flaw in CVE-2025-43264.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Memory corruption in image processing, with a remote vector and required user interaction (opening or viewing a crafted file), directly enables client-side exploitation and malicious file execution leading to RCE.
NVD Description
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may corrupt process memory.
Deeper analysis
CVE-2025-43264 is a memory corruption vulnerability (CWE-119) addressed through improved memory handling in macOS. It affects macOS versions prior to Sequoia 15.6, where processing a maliciously crafted image can lead to process memory corruption. The vulnerability was published on 2026-04-02 and carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
Attackers can exploit this vulnerability remotely over the network with low attack complexity and no required privileges, though user interaction is necessary, such as opening or viewing the malicious image file. Successful exploitation enables high-impact consequences, including unauthorized disclosure of information, modification of data, and denial of service through process disruption.
Apple's security advisory confirms the issue is fixed in macOS Sequoia 15.6. Security practitioners should ensure systems are updated to this version or later, and advise users to avoid processing untrusted images. Additional details are available at https://support.apple.com/en-us/124149.
Details
- CWE(s)